
8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks

March 9, 2023

Fortinet researchers observed the mining group 8220 Gang using a new crypter called ScrubCrypt in cryptojacking attacks.

“Between January and February 2023, FortiGuard Labs observed a payload targeting an exploitable Oracle Weblogic Server in a specific URI,” reads the analysis published by Fortinet. “This payload extracts ScrubCrypt, which obfuscates and encrypts applications and makes them able to dodge security programs. It already has an updated version, and the seller’s webpage (Figure 1) guarantees that it can bypass Windows Defender and provide anti-debug and some bypass functions.”

